DE69930237T2 - Method for allowing communication between two devices, as well as such device and a telecommunication system - Google Patents

Abstract

Known telecommunication systems like a DECT-system comprising a base-station and a handset or like a Digital Home Network system comprising a controller and several devices or a car radio system comprising a car radio and a front are based upon an authorisation process for introducing a new device or for coupling an already introduced but decoupled old device to said telecommunication system. Such authorisation process, which often is user-unfriendly, can be partially or even completely avoided by either using the result of an old identification process or by using a new identification process for identifying a user, which can be done in a much more user-friendly way. <IMAGE>

Description

The The invention relates to a method for allowing communication between at least two devices in a telecommunication system dependent on from an identification process.

Such a procedure is over US 5,970,405 in which a wireless telephone system (telecommunication system) with a wireless telephone (device) is disclosed. This wireless telephone system requires additional identification in the form of a fingerprint for particular destination numbers, with the analysis of the fingerprint having a threshold that depends on the suspicion against the destination number. Thus, according to the prior art patent, there is an additional identification, in addition to inserting a SIM (Subscriber Identification Module), whose additional identification depends on the area in which the wireless telephone is used , is required.

The known method has disadvantages, among other things, because this additional Identification dependent required by the area in which the wireless telephone is used is. This is not user friendly because this extra Identification for suspect everyone Phone call is required.

It It is an object of the invention, inter alia, to provide a method as in the preamble described, which is more user-friendly.

• – Durchführung des Benutzer-Identifizierungs-Prozesses, und
• – Im Fall einer negativen Identifizierung, Überprüfung einer längeren Autorisierungs-Phase/eines Codes, und
• – Im Fall einer positiven Identifizierung Überprüfung einer Sicherheitsstufe der Benutzer-Identifizierung, und
• – Im Fall einer kleineren Sicherheitsstufe Überprüfung einer mittleren Autorisierungs-Phase/eines Codes, und
• – Im Fall einer höheren Sicherheitsstufe Überprüfung einer kürzeren Autorisierungs-Phase/eines Codes oder überhaupt keiner Autorisierungs-Phase/keines Codes.

For this purpose, the method according to the invention is characterized in that the method comprises the following steps:

• - Implementation of the user identification process, and
• In the case of negative identification, verification of a longer authorization phase / code, and
• - In the case of a positive identification verification of a security level of user identification, and
• - In case of a smaller security level, check a medium authorization phase / code, and
• - In the case of a higher security level, check a shorter authorization phase / code or no authorization phase / code at all.

By doing one first performs the user identification process and Then, second, perform the authorization process, which is the review of a longer Authorization phase / a Codes in the case of a negative identification includes, and the review of a Security level in the case of a positive identification, and the review of a middle authorization phase / of a code in case of a smaller one Security level, and the verification of a shorter authorization phase / one Codes or at all no authorization phase / no code in case of a higher security level includes, allows the user identification process, at least to avoid part of the authorization process, and ease of use will be considerable elevated, not for that suspect everyone Call both processes are required.

The The invention is based inter alia on the insight that when the user identification took place has become redundant, at least part of the device authorization is.

The Invention solves including the problem of providing a method to devices who have a mutual confidential relationship, on user-friendly Way to pair without compromising the confidential nature.

In a preferred embodiment According to the invention, the user identification process comprises checking whether a past user identification still valid is.

In A preferred development of the invention is the security level dependent on the type of identification or the identified person / person User checked.

A preferred embodiment of the method according to the invention is characterized in that the smaller security level of a Code identification or speech recognition, while the higher Security level of smart card detection or fingerprint recognition equivalent.

A further execution of the method according to the invention is characterized in that the longer authorization phase / the code of a first, second and third authorization phase / code, the middle authorization phase / the code of the second and third authorization phase / code, and the shorter authorization phase / Code corresponds to the third authorization phase / code.

• – Einen Identifizierungs-Empfänger zum Empfang eines Identifizierungs-Signals, und
• – Einen Autorisierungs-Empfänger zum Empfang eines Autorisierungs-Signals.

The invention further relates to a telecommunication system including a first device to be coupled to a second device, the telecommunication system comprising:

• An identification receiver for receiving an identification signal, and
• An authorization receiver for receiving an authorization signal.

• – Einen Prozessor zur Durchführung eines Benutzer-Identifizierungs-Prozesses, und im Fall einer negativen Identifizierung, Überprüfung einer längeren Autorisierungs-Phase/eines Codes, und im Fall einer positiven Identifizierung Überprüfung einer Sicherheitsstufe der Benutzer-Identifizierung, und im Fall einer kleineren Sicherheitsstufe Überprüfung einer mittleren Autorisierungs-Phase/eines Codes, und im Fall einer höheren Sicherheitsstufe Überprüfung einer kürzeren Autorisierungs-Phase/eines Codes oder überhaupt keiner Autorisierungs-Phase/keines Codes.

The telecommunication system according to the invention is characterized in that the telecommunication system includes:

• - A processor for performing a user identification process, and in case of a negative identification, checking a longer authorization phase / code, and in case of a positive identification checking a security level of the user identification, and in case of a smaller security level verification a middle authorization phase / code, and in the case of a higher security level, a shorter authorization phase / code check or no authorization phase / code at all.

A preferred embodiment of the telecommunication system according to the invention is characterized characterized in that the smaller security level of a code detection or a speech recognition, while the higher security level corresponds to a Smart Card Detection or Fingerprint Detection.

The Telecommunication system according to the prior art can continue to be an existing DECT system, the devices DECT devices are and a first device in the form of a or several DECT base stations and / or one or more DECT telephones, and a second device in the form of another, new DECT telephone present, which are added to the existing DECT system should be entered by long manufacturer codes that are checked by the DECT system have to. One such time-consuming authorization process is required to prevent fraud. Or the telecommunication system is for For example, a car radio system that has a first device in the form of a Car radios without control panel and a second device in the form of this Keypad contains. After installing this keypad, a PIN code must be entered will be even more time consuming before the radio can be used Authorization process. Both time consuming authorization processes be according to the invention reduced or even avoided by allowing the identification process avoids at least part of the authorization process.

According to the invention could the identification process in a system, e.g. a DECT system, be realized by the first device (such as a DECT base station and / or a DECT telephone) with a smart card reader or a keyboard for receiving a User codes or with a speech recognizer or a fingerprint reader, etc. equipped to a smart card or a user code or the language or a fingerprint, etc. for identification purposes analyze. In a system, such as a car radio system the identification process can continue to be realized by: used the identification between the engine management system and the ignition key becomes.

A further execution of the telecommunication system according to the invention is characterized characterized in that the telecommunication system comprises a network, which is coupled to the first device, either the first device or the network contains the identification receiver and wherein either the first device or the network contains the processor.

The Network can either be at a first position on a page the first device, wherein the second device itself located on the other side of the first device (for example in the case that both devices belong to a DECT system that has a Control in the form of a gateway and / or server with a digital Home Network (digital home network) is coupled, or for example in the case that the first device controls in the form of a Gateways and / or servers of the Digital Home Network is, the second device one of the several devices of the digital home Network is), or it may be at a second position between Both devices are located (for example, in the case that the first device is a base station (DECT / GSM / DCS / CTS, etc.), wherein the second device is a telephone (DECT / GSM / DCS / CTS, etc.)), or it may be in both positions. Farther There may be a first network in the first position, and a second network may be at the second position.

In the case, that the network contains the processor and the identification receiver in the network the authorization process and the user identification process take place, whereby the authorization recipient either in the network or in one of the devices, being for every receiver, which is in the network, it must not be excluded that (Identification and / or authorization) signals via a Arrive device.

In the case where the first device includes the processor and the identification receiver, in the first device the authorization process and the user identification process take place, with the authorization recipient either in the network or in one of the devices It can not be ruled out that (identification and / or authorization) signals will arrive over a network for each receiver located in a device.

In the case, that the network contains the processor and the first device contains the identification receiver in the network the authorization process and the user identification process instead, the authorization recipient is either in the network or in one of the devices, with identification signals over the first device arrive, and wherein authorization signals either via a Network or over can arrive a device.

In the case, that the network is the identification receiver and the first device includes the processor, in the first device, the Authorization process and the user identification process instead, the authorization recipient is either in the network or in one of the devices, with identification signals over one Network arrive, and where authorization signals either over a network or over can arrive a device.

It However, it must not be excluded that for the identification process a first identification processor is used and that for the authorization process a second authorization processor is used, each of they can be arranged as described above and thereby the options and offers advantages as described above.

• – Einen Identifizierungs-Empfänger zum Empfang eines Identifizierungs-Signals, und
• – Einen Autorisierungs-Empfänger zum Empfang eines Autorisierungs-Signals.

The invention further relates to a first device for coupling to a second device, the first device comprising:

• An identification receiver for receiving an identification signal, and
• An authorization receiver for receiving an authorization signal.

• – Einen Prozessor zur Durchführung eines Benutzer-Identifizierungs-Prozesses und im Fall einer negativen Identifizierung, zur Überprüfung einer langen Autorisierungs-Phase/eines Codes, und im Fall einer positiven Identifizierung zur Überprüfung einer Sicherheitsstufe der Benutzer-Identifizierung, und im Fall einer kleineren Sicherheitsstufe zur Überprüfung einer mittleren Autorisierungs-Phase/eines Codes, und im Fall einer höheren Sicherheitsstufe zur Überprüfung einer kürzeren Autorisierungs-Phase/eines Codes oder überhaupt keiner Autorisierungs-Phase/keines Codes.

The first device according to the invention is characterized in that the first device comprises:

• A processor for performing a user identification process and in case of a negative identification, for checking a long authorization phase / code, and in case of a positive identification for checking a security level of the user identification, and in case of a smaller security level to verify a medium authorization phase / code, and in case of a higher security level to verify a shorter authorization phase / code or no authorization phase / code at all.

A preferred embodiment the device according to the invention is characterized in that the smaller security level of a Code identification or speech recognition, while the higher Security level of smart card detection or fingerprint recognition equivalent.

Preferably corresponds to the longer one Authorization phase / the code of a first, second and third Authorization phase / a Code, the middle authorization phase / code is the second and third authorization phase / code, and the shorter authorization phase / Code is the third authorization phase / code.

In EP99440202.2, EP99440201.4 and EP99440203.0 Systems disclosed in relation to a Digital Home Network, however in none of these documents is the telecommunication system according to the invention disclosed. All sources, including other sources, the re and / or cited within the references considered as belonging to this patent application.

The Invention is based on embodiments explained further, which are described with reference to drawings, wherein

1 discloses a flowchart of the method according to the invention for authorizing a communication between at least two devices in a telecommunication system,

2 discloses a telecommunication system according to the invention including a first device to be coupled to a second device.

In the in 1 flowchart, the following blocks have the following meaning:

1

In the telecommunication system including the first device, the second device must be coupled to the first device ( 1 - coupling required);

2

Is a user recognition positive or negative (via smart card or code or voice or fingerprint, etc.) ( 2 - identification), if yes, go to 3 if not, go to 4 ;

3

Does a user detection have a high security level or a low security level ( 3 - Security level), if high (yes), go to 6 or 7 if not, go to 5 ;

4

Is an initial authorization phase / code correct ( 4 - First authorization), if yes, go to 5 if not, go to 8th ;

5

Is a second authorization phase / code correct ( 5 - Second authorization), if yes, go to 6 if not, go to 8th ;

6

Is a third authorization phase / code correct ( 6 - Third Authorization), if yes, go to 7 if not, go to 8th

7

Authorization ok (in case of a positive identification, no authorization required (from 3 to 7 ) or sufficient authorization in order (from 3 to 7 above 5 and or 6 ), in case of a negative identification, total authorization in order (by 2 to 7 above 4 . 5 and 6 )), Devices can be coupled ( 7 - OK)

8th

Authorization not in order (in case of a positive identification, sufficient authorization not in order (from 3 to 8th above 5 or 6 ), in case of a negative identification, total authorization is out of order (of 2 to 8th above 4 . 4 . 5 or 4 . 5 . 6 )), Devices can not be paired ( 8th - Not OK).

Looking at the flowchart in 1 the method according to the invention works as follows. In the telecommunication system, for example, the first device is a DECT base station already coupled to a first telephone, and a second device in the form of a second telephone has to be coupled to the system, requiring authorization ( 1 ) to prevent unauthorized calls. For this a user ID is checked ( 2 ), either by prompting the user to identify themselves (via smart card or code or voice or fingerprint, etc.) or by verifying a user identification that has been performed in the past but is still valid. In the case of a negative identification all authorization phases / codes have to be checked, the first one ( 4 ), the second ( 5 ), the third ( 6 ), if all are correct, the authorization is okay and the devices can be paired ( 7 ), for example wirelessly, to be used if at least one is not correct, the authorization is out of order and the devices are not coupled ( 8th ). In the case of a positive identification, for example, the security level is checked ( 3 ), which may be either high (smart card or fingerprint) or low (code or voice), for example. In the case of a high security level, either no further authorization is required at all, and all devices can be coupled ( 7 ), for example, wirelessly to be used, or only the third authorization phase / the code must be checked ( 6 ), if correct, the authorization is okay and the devices can be paired ( 7 ), for example, wirelessly to be used. In the case of a low security level, only the second and third authorization phase / code need to be checked, if both are correct, the authorization is okay, and the devices can be paired ( 7 ), for example wirelessly, to be used if at least one is not correct, the authorization is out of order and the devices can not be paired ( 8th ). The identification and / or authorization may be performed only once, for example, to introduce a new device into an existing device / system, or, for example, every day or every week, or every time the device is to be used.

This in 2 disclosed telecommunication system according to the invention includes a first device 20 that have a wireless connection 90 with a second device 60 to pair with and over a wireless connection 91 with a third device 80 is to pair and the over a wired connection 93 with a fourth device 40 is to couple. The second device 60 and the third device 80 can over a wireless connection 92 be coupled.

The first device 20 contains a bus system 28 for coupling processor 21 , Storage 22 , Human-machine interface 25 (such as a keyboard / display), identification / authorization processor 27 who with connection 30 coupled network interface 23 who with connection 93 coupled system interface 26 and with the antenna 29 coupled transceivers 24 for the wireless connections 90 and 91 ,

The second device 60 contains a bus system 68 for coupling processor 61 , Storage 62 , Human-machine interface 65 (such as a keyboard / display), identification / authorization processor 67 and with the antenna 69 coupled transceivers 64 for the wireless connections 90 and 92 ,

The third device 80 contains a bus system 88 for coupling processor 81 , Storage 82 . Human-machine interface 85 (such as a keyboard / display), identification / authorization processor 87 and with the antenna 89 coupled transceivers 84 for the wireless connections 91 and 92 ,

The fourth device 40 contains a bus system 48 for coupling processor 41 , Storage 42 and the network interface 43 that with the connection 50 is coupled.

This in 2 disclosed telecommunication system according to the invention works as follows.

According to a first embodiment, the first device 20 for example a DECT base station, which has a wireless connection 90 with a second device 60 to couple, which is, for example, a DECT phone, and over a wireless connection 91 with a third device 80 to pair, which is, for example, a DECT phone, and that over the connection 93 with a fourth device 40 which is, for example, a controller or a gateway / server of a digital home network. The first device 20 and the third device 80 already know each other (for example, because they were bought together) and are able to communicate with each other. The first device 20 is with the fourth device 40 about the connection 93 coupled and can continue through the connection 30 be coupled with a network. The second device 60 is new and requires a presentation and authorization before it is able, for example, with the first device 20 to communicate. In the prior art, this was done by entering manufacturer codes via the man-machine interface 25 and / or the human machine interface 65 , for example, a long first manufacturer code (block 4 in 1 ), which has the human-machine interface 25 and / or the human machine interface 65 was entered, after which a first communication between the devices 20 and 60 over the wireless connection 90 takes place, then, for example, a long second manufacturer code (block 5 in 1 ), which has the human-machine interface 25 and / or the human machine interface 65 was entered, after which a second communication between the devices 20 and 60 over the wireless connection 90 takes place, and then, for example, a short confirmation code (block 6 in 1 ), which has the human-machine interface 25 and / or the human machine interface 65 was entered, after which a third communication between the devices 20 and 60 over the wireless connection 90 takes place. This type of mutual representation of two devices is time consuming and user-unfriendly.

According to the invention, once it has become clear that device 60 the device 20 must be presented (for example, if device 20 has received a performance signal, either through the human-machine interface 25 entered or via transceiver 24 and the wireless connection 90 was received, or via the network interface 23 or the system interface 26 received) a user ID checked (block 2 in 1 ), either by asking the user (asking the question for example on the man-machine interface 25 can be displayed or made by generating speech through a speaker, the part of the man-machine interface 25 is) to identify (via a smart card, which is read by a smart card reader, the part of the man-machine interface 25 is, or by a code, over the man-machine interface 25 is to be entered, or by voice that is received via a microphone, the part of the man-machine interface 25 is, or via a fingerprint read by a fingerprint reader, the part of the man-machine interface 25 is, etc.) or by checking a past user identification that is still valid. This identification process is performed, for example, by the identification / authorization processor 27 (possibly in collaboration with memory 22 ) manages processor being 21 the memory 22 and the human-machine interface 25 controls and (for example in response to the preamble signal) the identification / authorization processor 27 activates and / or controls. In the case of a negative identification (no identification generated and / or found within a certain time limit, or a wrong identification has been generated) all authorization phases / codes must be checked, the first being the long first manufacturer code (block 4 in 1 ), the second is the long second manufacturer code (block 5 in 1 ), the third is the short confirmation code (block 6 in 1 ), if all three are correct, the authorization is okay and the devices have been presented to each other (Block 7 in 1 ), if at least one is not correct, the authorization is not correct, the devices are not to be coupled (block 8th in 1 ). In the case of a positive identification, for example, the security level is checked (Block 3 in 1 ), for example, either high (depending on the type of identification: smart card or fingerprint, or depending on the identified person) or low (depending on the type of identification: code or language, or depending on the identified person). In the case of a high security level, either no further authorization is required and all devices can be paired (Block 7 in 1 ), or only the third authorization phase / code has to be checked (block 6 in 1 ), if correct, the authorization is OK and the devices can be paired (block 7 in 1 ). In the case of a low security level, only the second and third authorization phase / code need to be checked; if both are correct, the authorization is fine and the devices can be paired (Block 7 in 1 ) If at least one is incorrect, the authorization is out of order, the devices will not be paired (Block 8th in 1 ). The identification and / or authorization may be performed only once, for example to introduce a new device into an existing device / system, or regularly, for example every day or every week, or every time the device is to be used. Therefore, the generation of the performance signal may be performed by a user and / or automatically at any location.

According to a first alternative to the first embodiment, instead of the man-machine interface 25 for one or more of all described functions of the man-machine interface 25 the man-machine interface 65 used (including a possible speaker, smart card reader, microphone, fingerprint reader, etc.), taking signals over the wireless connection 90 need to be replaced.

According to a second alternative to the first embodiment, instead of the identification / authorization processor 27 for one or more of all described functions of the identification / authorization processor 27 to use, the identification / authorization processor 67 uses, whereby signals over the wireless connection 90 need to be replaced.

According to a third alternative to the first embodiment, the identification / authorization processor 27 ( 67 ) of two separate processors, an identification processor and an authorization processor, each of them partially or completely with the processor 21 ( 61 ) can be integrated.

According to a fourth alternative to the first embodiment, the human-machine interface becomes one or more of the described functions 25 and / or for one or more of the described functions of the identification / authorization processor 27 the function of the device 40 running (whereby signals over the wireless connection 90 must be exchanged) or within a network (whereby signals are transmitted through the connection 30 and or 50 need to be replaced).

According to a second embodiment, the first device 20 for example, a controller or a gateway / server of a Digital Home Network or DHN and is over the connection 93 with the fourth device 40 coupled and can continue through the connection 30 be coupled with a network. The fourth device 40 For example, a device that belongs to the DHN, such as a PC, a TV, a VCR, a refrigerator, a security system, etc., may continue to use the connection 50 be coupled with a network. The second device 60 For example, a DECT base station is over the wireless connection 91 with a third device 80 is coupled, which is for example a DECT telephone. The first device 20 and the fourth device 40 already know each other (for example, because they were bought together and / or because they were introduced to each other) and are able to communicate with each other. The second device 60 and the third device 80 already know each other (for example, because they were bought together), but in the DHN is the combination of the device 60 and the device 80 new and requires presentation and authorization before this combination is able to with, for example, the first device 20 to communicate.

According to the invention, once it has become clear that the devices 60 and 80 the device 20 must be presented (for example, if device 20 has received a performance signal, either through the human-machine interface 25 entered or via transceiver 24 and the wireless connection 90 and or 91 was received, or via the network interface 23 or the system interface 26 received) a user ID checked (block 2 in 1 ), either by asking the user (asking the question for example on the man-machine interface 25 can be displayed or made by generating speech through a speaker, the part of the man-machine interface 25 is) to identify (via a smart card, which is read by a smart card reader, the part of the man-machine interface 25 is, or by a code, over the man-machine interface 25 is to be entered, or by voice that is received via a microphone, the part of the man-machine interface 25 is, or via a fingerprint read by a fingerprint reader, the part of the man-machine interface 25 is, etc.) or by checking a past user identification that is still valid. This identification process is performed, for example, by the identification / authorization processor 27 (Moegli possibly in cooperation with Speicher 22 ) manages processor being 21 the memory 22 and the human-machine interface 25 controls and (for example in response to the preamble signal) the identification / authorization processor 27 activates and / or controls. In the case of a negative identification, all authorization phases / codes must be checked, if all three are correct, the authorization is okay and both devices 60 and 80 were the device 20 presented (block 7 in 1 ), if at least one is not correct, the authorization is not correct, the devices are not to be coupled (block 8th in 1 ). In the case of a positive identification, for example, the security level is checked, which can be either high or low, for example. In the case of a high security level, either no further authorization is required and all devices can be paired (Block 7 in 1 ), or only the third authorization phase / code needs to be checked, if correct, the authorization is OK, and the devices can be paired (Block 7 in 1 ). In the case of a low security level, only the second and third authorization phase / code need to be checked; if both are correct, the authorization is fine and the devices can be paired (Block 7 in 1 ) If at least one is incorrect, the authorization is out of order, the devices will not be paired (Block 8th in 1 ). The identification and / or authorization may be performed only once, for example to introduce a new device into an existing device / system, or regularly, for example every day or every week, or every time the device is to be used. Therefore, the generation of the performance signal may be performed by a user and / or automatically at any location.

According to a first alternative to the second embodiment, instead of the man-machine interface 25 for one or more of all described functions of the man-machine interface 25 the man-machine interface 65 and or 85 used (including a possible speaker, smart card reader, microphone, fingerprint reader, etc.), taking signals over the wireless connection 90 and or 91 need to be replaced.

According to a second alternative to the second embodiment, instead of the identification / authorization processor 27 for one or more of all described functions of the identification / authorization processor 27 to use, the identification / authorization processor 67 and or 87 uses, whereby signals over the wireless connection 90 and or 91 need to be replaced.

According to a third alternative to the second embodiment, the identification / authorization processor 27 ( 67 . 87 ) of two separate processors, an identification processor and an authorization processor, each of them partially or completely with the processor 21 ( 61 . 81 ) can be integrated.

According to a fourth alternative to the second embodiment, the human-machine interface becomes one or more of all the functions described 25 and / or for one or more of the described functions of the identification / authorization processor 27 the function of the device 40 executed (whereby signals over the connection 93 must be exchanged) or within a network (whereby signals are transmitted through the connection 30 and or 50 need to be replaced).

According to a fifth alternative to the second embodiment, both devices 60 and 80 the device 20 be presented separately, or device 60 must device 20 be presented, after which device 80 the device 60 must be presented (in case they did not know each other and were not introduced to each other), etc.

According to a third embodiment, the first device 20 For example, a GSM / DCS / CTS base station that connects over the link 93 with the fourth device 40 is coupled, and can continue through the connection 30 be coupled with a network. The fourth device 40 For example, it is a GSM / DCS / CTS mobile switching center and can still use the connection 50 be coupled with a network. The second device 60 is for example a GSM / DCS / CTS telephone. The first device 20 and the fourth device 40 already know each other (for example, because they have been introduced to each other) and are able to communicate with each other. The second device 60 is new and requires a presentation and authorization before using this device 60 is capable of using, for example, the first device 20 to communicate.

According to the invention, once it has become clear that device 60 the device 20 must be presented (for example, if device 20 has received a performance signal, either through the human-machine interface 25 entered or via transceiver 24 and the wireless connection 90 was received, or via the network interface 23 or the system interface 26 received) a user ID checked (block 2 in 1 ), either in / near the device 20 (In that case, the user probably needs to be near the device 20 appear) by the user auffor dert (where the question for example on the man-machine interface 25 can be displayed or made by generating speech through a speaker, the part of the man-machine interface 25 is) to identify (via a smart card, which is read by a smart card reader, the part of the man-machine interface 25 is, or by a code, over the man-machine interface 25 is to be entered, or by voice that is received via a microphone, the part of the man-machine interface 25 is, or via a fingerprint read by a fingerprint reader, the part of the man-machine interface 25 is, etc.) or near device 60 (In that case, the user does not have to be near the device 20 appear) by prompting the user (asking the question for example on the man-machine interface 65 can be displayed or made by generating speech through a speaker, the part of the man-machine interface 65 is) to identify (via a smart card, which is read by a smart card reader, the part of the man-machine interface 65 is, or by a code, over the man-machine interface 65 is to be entered, or by voice that is received via a microphone, the part of the man-machine interface 65 is, or via a fingerprint read by a fingerprint reader, the part of the man-machine interface 65 is, etc.) or by checking a past user identification that is still valid. This identification process is performed, for example, by the identification / authorization processor 27 and or 67 (possibly in collaboration with memory 22 and or 62 ) manages processor being 21 and or 61 the memory 22 and or 62 and the human-machine interface 25 and or 65 controls and (for example in response to the preamble signal) the identification / authorization processor 27 and or 67 activates and / or controls. In the case of negative identification, long authorization phases / codes must be checked (for example, smart card present in the phone + long code input + short code input), if correct, the authorization is okay and the device 60 became the device 20 presented (block 7 in 1 ), if not correct, the authorization is not correct, the devices are not to be coupled (block 8th in 1 ). In the case of a positive identification, for example, the security level is checked, which can be either high or low, for example. In the case of a high security level, either no further authorization is required and all devices can be paired (Block 7 in 1 ), or only a short authorization phase / code needs to be checked (for example, entering a short code), if correct, the authorization is OK, and the devices can be paired (Block 7 in 1 ). In the case of a low security level, only a medium authorization phase / code needs to be checked (for example calling card in the phone + entering the short code or for example entering the long code + entering the short code), if correct, the authorization is in Order and the devices can be coupled (block 7 in 1 ), if not correct, the authorization is out of order, the devices will not be paired (block 8th in 1 ). The identification and / or authorization may be performed only once, for example to introduce a new device into an existing device / system, or regularly, for example every day or every week, or every time the device is to be used. Therefore, the generation of the performance signal may be performed by a user and / or automatically at any location. Of course, in general, there will be a certain communication over the wireless connection 90 be required before the performance is over to complete an identification / authorization process. This particular communication may be permitted, for example, by a network administrator for a limited time and only for specific purposes and for particular addresses / locations, etc.

According to a first alternative to the third embodiment, there is the identification / authorization processor 27 ( 67 ) of two separate processors, an identification processor and an authorization processor, each of them partially or completely with the processor 21 ( 61 ) can be integrated.

According to a second alternative to the third embodiment, the human-machine interface becomes one or more of all the functions described 25 and / or for one or more of the described functions of the identification / authorization processor 27 the function of the device 40 executed (whereby signals over the connection 93 must be exchanged) or within a network (whereby signals are transmitted through the connection 30 and or 50 need to be replaced).

According to a fourth embodiment, the first device 20 For example, a car radio without keypad and must have the connection 93 with the fourth device 40 be coupled. The fourth device 40 is for example the control panel. The second device 60 and the third device 80 are for example radio transmitting stations. To prevent an unauthorized user from using the car radio 20 used, requires the control panel 40 a presentation / authorization before it is able to with the car radio 20 to communicate (without the Presentation / authorization of the keypad, the car radio can not be used to receive radio signals and / or play CDs or cassettes). In the prior art, this was done by entering a key code via the man-machine interface 25 and / or the man-machine interface (not shown) 45 , This way of presenting two devices to each other is time consuming and user-unfriendly.

According to the invention as soon as the control panel 40 was paired with the car radio, a user ID checked (Block 2 in 1 ), either in / near the device 20 by prompting the user (asking the question for example on the man-machine interface 25 or the man-machine interface (not shown) 45 can be displayed or made by generating speech through a speaker, the part of the man-machine interface 25 or the man-machine interface (not shown) 45 is) to identify (for example, by voice, which is received via a microphone, the part of the man-machine interface 25 or the man-machine interface (not shown) 45 is, or by a fingerprint, read by a fingerprint reader, the part of the man-machine interface 25 or the man-machine interface (not shown) 45 is, etc.) or by checking a past user identification that is still valid (for example, the identification between the engine management system and the ignition key). This identification process is performed, for example, by the identification / authorization processor 27 and / or the identification / authorization processor (not shown) 47 (possibly in collaboration with memory 22 and or 42 ) manages processor being 21 and or 41 the memory 22 and or 42 and the human-machine interface 25 and the human-machine interface (not shown) 45 controls and the identification / authorization processor 27 and / or the identification / authorization processor (not shown) 47 activates and / or controls. In the case of a negative identification (language / fingerprint unclear, no ignition key coupled with the engine management system), the key code must be checked, if correct, the authorization is OK and the keypad was the car radio 20 presented (block 7 in 1 ), if not correct, the authorization is not correct, the devices are not to be coupled (block 8th in 1 ). In the case of a positive identification, for example, no further authorization is required at all and all devices can be coupled (Block 7 in 1 ), or only a shorter key code needs to be entered and checked, if correct, the authorization is OK, and the devices can be paired (Block 7 in 1 ), if not correct, the authorization is not correct, the devices are not to be coupled (block 8th in 1 ). The identification and / or authorization may be performed only once, for example to introduce a new device into an existing device / system, or regularly, for example every day or every week, or every time the device is to be used.

in view of this fourth embodiment can according to a Alternative a car only in the case (for example, but not necessarily) be started when the right key along with the input a long security code is used, according to the invention in the case that a driver was positively identified, only one Part of the long security code, or a completely different, shorter security code or at all no code needs to be entered.

The Invention can be further extended with a detector, with which a unit for identifying a user is recognized, which works properly or not properly, in which case that it is detected that the unit is not working properly, automatically a unit is instructed for authorization, a full authorization to request (instead of a partial authorization for a positive Identification).

All versions are only versions and shut down other, not shown and / or described embodiments not from. All alternatives are just alternatives and exclude others, Not shown and / or described alternatives are not sufficient. each execution (and / or parts thereof) may be used with any other embodiment (and / or Parts of it), and any alternative (and / or parts of which) can be combined with any other alternative (and / or parts thereof), which belongs to the same or a different execution.

Claims (10)

Method for allowing communication between at least two devices in a telecommunication system as a function of a user identification process, characterized in that the method comprises the following steps: - execution of the user identification process ( 2 ), and - in the case of a negative identification, a review of a longer authorization phase / code ( 4 . 5 . 6 ), and - in the case of a positive identification, verification of a security level ( 3 ) the user identification ( 2 ), and - in the case of a lower security level, check a medium authorization phase / middle code ( 5 . 6 ), and - in the case of a higher security level, a review of a shorter authorization phase / a smaller code ( 6 ) or no phase / no code at all. Method according to claim 1, characterized in that the user identification process ( 2 ) The check contains whether a past user identification is still valid. Method according to claim 1 or 2, characterized in that the security level ( 3 ) is checked depending on the type of identification or the recognized user. Method according to one the claims 1 to 3, characterized in that the smaller security level a code recognition or a voice recognition equivalent, the higher security level smart card recognition or fingerprint recognition. Method according to one of claims 1 to 4, characterized in that the longer authorization phase / the longer code ( 4 . 5 . 6 ) a first ( 4 ), second ( 5 ) and third ( 6 ) Authorization phase / code, with the middle authorization phase / middle code ( 5 . 6 ) The second ( 5 ) and third ( 6 ) Authorization phase / code, and where the shorter authorization phase / shorter code ( 6 ) the third ( 6 ) Authorization phase / code matches. Telecommunication system comprising a first device ( 20 ) provided with a second device ( 60 ), the telecommunication system comprising: - an identification receiver ( 25 . 65 ) for receiving an identification signal, and - an authorization recipient ( 25 . 65 ) for receiving an authorization signal, characterized in that the telecommunication system comprises: - a processor ( 27 . 67 ) for performing a user identification process, and in case of a negative identification, checking a longer authorization phase / code, and in case of a positive identification checking a security level of user identification, and in case of a smaller security level checking a middle one Authorization phase / of a code, and in case of a higher security level, verification of a shorter authorization phase / code or no authorization phase / code at all. Telecommunication system according to Claim 6, characterized that the smaller security level of code recognition or speech recognition corresponds, with the higher Security level of smart card detection or fingerprint recognition equivalent. Telecommunication system according to claim 6 or 7, characterized characterized in that the telecommunication system includes a network that is coupled to the first device, wherein either the first Device or the network contains the identification receiver and either the first device or network contains the processor. A first device ( 20 ) for coupling to a second device ( 60 ), the first device ( 20 ) contains: - an identification receiver ( 25 ) for receiving an identification signal, and - an authorization recipient ( 25 ) for receiving an authorization signal, characterized in that the first device ( 20 ) comprises: - a processor ( 27 ) for performing a user identification process, and in case of a negative identification, checking a longer authorization phase / code, and in case of a positive identification checking a security level of user identification, and in case of a smaller security level checking a middle one Authorization phase / of a code, and in case of a higher security level, verification of a shorter authorization phase / code or no authorization phase / code at all. A first device ( 20 ) according to claim 9, characterized in that the smaller security level corresponds to a code recognition or a speech recognition, wherein the higher security level corresponds to a smart card recognition or a fingerprint recognition.